modules/private/websites/tools/tools/adminer.nix

   1 { adminer }:
   2 rec {
   3   activationScript = {
   4     deps = [ "httpd" ];
   5     text = ''
   6       install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/sessions/adminer
   7       install -m 0755 -o ${apache.user} -g ${apache.group} -d /var/lib/php/tmp/adminer
   8       '';
   9   };
  10   webRoot = adminer;
  11   phpFpm = rec {
  12     socket = "/var/run/phpfpm/adminer.sock";
  13     pool = ''
  14       user = ${apache.user}
  15       group = ${apache.group}
  16       listen.owner = ${apache.user}
  17       listen.group = ${apache.group}
  18       pm = ondemand
  19       pm.max_children = 5
  20       pm.process_idle_timeout = 60
  21       ;php_admin_flag[log_errors] = on
  22       ; Needed to avoid clashes in browser cookies (same domain)
  23       php_value[session.name] = AdminerPHPSESSID
  24       php_admin_value[open_basedir] = "${webRoot}:/tmp:/var/lib/php/sessions/adminer:/var/lib/php/tmp/adminer"
  25       php_admin_value[session.save_path] = "/var/lib/php/sessions/adminer"
  26       php_admin_value[upload_tmp_dir] = "/var/lib/php/tmp/adminer"
  27       '';
  28   };
  29   apache = rec {
  30     user = "wwwrun";
  31     group = "wwwrun";
  32     modules = [ "proxy_fcgi" ];
  33     webappName = "_adminer";
  34     root = "/run/current-system/webapps/${webappName}";
  35     vhostConf = ''
  36       Alias /adminer ${root}
  37       <Directory ${root}>
  38         DirectoryIndex index.php
  39         <FilesMatch "\.php$">
  40           SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
  41         </FilesMatch>
  42
  43         Use LDAPConnect
  44         Require ldap-group cn=users,cn=mysql,cn=pam,ou=services,dc=immae,dc=eu
  45         Require ldap-group cn=users,cn=postgresql,cn=pam,ou=services,dc=immae,dc=eu
  46       </Directory>
  47       '';
  48   };
  49 }